ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...

Security researchers report a sharp rise in malicious open-source packages in 2026, with npm registry threats already surpassing 2024 totals. A new benchmark study found that popular detection tools ...

U.S. cybersecurity agency CISA says the CopyFail bug is being actively used in hacking campaigns, and poses a major risk to servers and data centers that rely on Linux.

Trellix says a part of its source code repository was recently breached, but shared little other information about the ...

A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a ...

In the first five months of 2026, security researchers have flagged more malicious packages on the npm registry than in all ...

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...

Personal AI agents are exploding in popularity, but nearly all of them still route intelligence through cloud APIs. Your "personal" AI continues to depend on someone else's server. At the same time, ...

Ethereum lost 17.91% of its TVL in the past 30 days after the Kelp DAO exploit. Every chain in the top 20 except Tron recorded negative monthly TVL changes. Mantle suffered the worst losses at 52.01% ...

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.